git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Dongha Lee <p@sswd.pw>
	Sat, 6 Sep 2025 04:07:24 +0000 (13:07 +0900)
committer	Oliver Upton <oliver.upton@linux.dev>
	Wed, 10 Sep 2025 09:56:20 +0000 (02:56 -0700)
commit	ebb2d8fd81b82c8a57f88add118108b1c4408670
tree	91d87075a549375d8f666a7a88e8c9250da65446	tree \| snapshot
parent	13bba09beb5ffa1a4f307c48576c09d5c69f4c31	commit \| diff

KVM: arm64: nv: Fix incorrect VNCR invalidation range calculation

The code for invalidating VNCR entries in both kvm_invalidate_vncr_ipa()
and invalidate_vncr_va() incorrectly uses a bitwise AND with `(size - 1)`
instead of `~(size - 1)` to align the start address. This results
in masking the address bits instead of aligning them down to the start
of the block.

This bug may cause stale VNCR TLB entries to remain valid even after a
TLBI or MMU notifier, leading to incorrect memory translation and
unexpected guest behavior.

Credit to Team 0xB6 in bob14: DongHa Lee, Gyujeong Jin, Daehyeon Ko,
Geonha Lee, Hyungyu Oh, and Jaewon Yang.

Reviewed-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Dongha Lee <p@sswd.pw>
Link: https://lore.kernel.org/r/20250906040724.72960-1-p@sswd.pw
Signed-off-by: Oliver Upton <oliver.upton@linux.dev>